<?php

class UsersController extends AppController {
	var $scaffold = 'admin';
	var $uses=array("User","Group");
	function beforeFilter() {
		parent::beforeFilter();
		$this->Auth->allowedActions=array('reg','unreg');
	}

	/*
	 * reg() - registration
	 *
	 * data:
	 * [POST] username
	 * [POST] realname
	 * [POST] password
	 * [POST] password_confirm
	 * [POST] student_id
	 * [POST] nickname
	 * [POST] email
	 *
	 * return:
	 *
	 * success: 1 if success. 0 otherwise.
	 * errmsg(optional): error message when fail.
	 * errcode(optional): error code.
	 */

	function reg(){
		try{
			if(!($this->RequestHandler->isPost())){
				if($this->RequestHandler->isAjax()){
					throw new Exception("No form data.");
				}else{
					$this->helpers=array('Form', 'Html', 'Javascript', 'Time');
					$this->render(null,"launcher");
					return;
				}
			}
			if($this->params["form"]["password"]==null||$this->params["form"]["password"]==""){
				throw new Exception("No password.");
			}
			if($this->params["form"]["password_confirm"]==null||$this->params["form"]["password_confirm"]==""){
				throw new Exception("No password_confirm.");
			}
			if($this->params["form"]["password"]!=$this->params["form"]["password_confirm"]){
				throw new Exception("Wrong password");
			}
			$act_code=sha1($this->_get_real_ip().$this->params["form"]["username"].time().rand());
			$this->User->set(array(
				"User"=>array(
					"username"=>$this->params["form"]["username"],
					"realname"=>$this->params["form"]["realname"],
					"password"=>$this->Auth->password($this->params["form"]["password"]),
					"student_id"=>$this->params["form"]["student_id"],
					"nickname"=>$this->params["form"]["nickname"],
					"email"=>$this->params["form"]["email"],
					"group_id"=>1,
					"activated"=>1,
					"reg_ip"=>$this->_get_real_ip(),
					"act_code"=>$act_code
			)));
			if(!$this->User->validates()){
				$this->set('user',array("success"=>0,"errmsg"=>"Wrong Data Format","error"=>$this->User->invalidFields()));
				$this->set('json',array("user"));
				$this->render();
				return;
			}
			$save=$this->User->save();
			if(!$save){
				throw new Exception("Save failed.");
			}
			$this->set('user',array("success"=>1));
			$this->set('json',array("user"));
		}catch(Exception $exception){
			$this->set('user',array("success"=>0,"errmsg"=>$exception->getMessage()));
			$this->set('json',array("user"));
		}
	}
	function unreg(){
		try{
			if(!($this->RequestHandler->isPost())){
				if($this->RequestHandler->isAjax()){
					throw new Exception("No form data.");
				}else{
					$this->helpers=array('Form', 'Html', 'Javascript', 'Time');
					$this->render(null,"launcher");
					return;
				}
			}
			if($this->params["form"]["username"]==null||$this->params["form"]["username"]==""){
				throw new Exception("未輸入帳號");
			}
			if($this->params["form"]["password"]==null||$this->params["form"]["password"]==""){
				throw new Exception("未輸入密碼");
			}
			$result=$this->User->find('all',array('conditions'=>array('User.username'=>$this->params["form"]["username"])));
			if($result==null||$result[0]["User"]["password"]!=$this->Auth->password($this->params["form"]["password"])){
				throw new Exception("帳號或密碼錯誤");
			}
			$this->set('user',array("success"=>$this->User->delete($result[0]['User']['id'],false)));
			$this->set('json',array("user"));
		}catch(Exception $exception){
			$this->set('user',array("success"=>0,"errmsg"=>$exception->getMessage()));
			$this->set('json',array("user"));
		}
	}
};

?>
